
Example 11 with RoleBean

use of io.apiman.manager.api.beans.idm.RoleBean in project apiman by apiman.

the class StorageImportDispatcher method role.

/**
 * Imports one role definition: logs the role's name, then updates the stored role when a role
 * with the same id already exists and creates it otherwise.
 *
 * <p>The incoming bean is handed to storage as-is, so whoever controls the imported data
 * controls the resulting role definition. Storage failures are passed to {@code error(e)}
 * instead of being rethrown.
 *
 * @param role the role to import
 * @see io.apiman.manager.api.exportimport.read.IImportReaderDispatcher#role(io.apiman.manager.api.beans.idm.RoleBean)
 */
@Override
public void role(RoleBean role) {
    try {
        final String prefix = Messages.i18n.format("StorageImportDispatcher.ImportingRole"); //$NON-NLS-1$
        // NOTE(review): the role name is taken from the imported bean and appended to the log
        // line unmodified; confirm the logging backend neutralises line breaks.
        logger.info(prefix + role.getName());

        // Upsert: the lookup result is only used to choose between update and create.
        final boolean missing = storage.getRole(role.getId()) == null;
        if (missing) {
            storage.createRole(role);
        } else {
            storage.updateRole(role);
        }
    } catch (StorageException e) {
        error(e);
    }
}
Also used : RoleBean(io.apiman.manager.api.beans.idm.RoleBean) StorageException(io.apiman.manager.api.core.exceptions.StorageException)

Example 12 with RoleBean

use of io.apiman.manager.api.beans.idm.RoleBean in project apiman by apiman.

the class RoleResourceImpl method create.

/**
 * Creates a new role from the supplied bean after verifying that the caller has admin
 * permissions.
 *
 * <p>The role id is derived from the role name via {@code BeanUtils.idFromName}; the creator and
 * creation time are taken from the security context and the current clock, never from the
 * request bean.
 *
 * @param bean the requested role (name, description, auto-grant flag, permissions)
 * @return the role that was stored
 * @throws RoleAlreadyExistsException if a role with the derived id is already stored
 * @throws NotAuthorizedException declared by the interface; presumably raised by the admin
 *         check (its implementation is not visible here)
 * @see IRoleResource#create(io.apiman.manager.api.beans.idm.NewRoleBean)
 */
@Override
public RoleBean create(NewRoleBean bean) throws RoleAlreadyExistsException, NotAuthorizedException {
    // Authorization comes first: nothing is built or read from storage for a non-admin caller.
    securityContext.checkAdminPermissions();

    RoleBean newRole = new RoleBean();
    newRole.setAutoGrant(bean.getAutoGrant());
    newRole.setCreatedBy(securityContext.getCurrentUser());
    newRole.setCreatedOn(new Date());
    newRole.setDescription(bean.getDescription());
    final String roleName = bean.getName();
    newRole.setId(BeanUtils.idFromName(roleName));
    newRole.setName(roleName);
    newRole.setPermissions(bean.getPermissions());

    try {
        // NOTE(review): lookup-then-create is two separate storage calls; whether a concurrent
        // request can slip in between depends on the storage layer's uniqueness guarantees.
        RoleBean existing = storage.getRole(newRole.getId());
        if (existing == null) {
            storage.createRole(newRole);
            return newRole;
        }
        throw ExceptionFactory.roleAlreadyExistsException(newRole.getId());
    } catch (StorageException e) {
        throw new SystemErrorException(e);
    }
}
Also used : SystemErrorException(io.apiman.manager.api.rest.exceptions.SystemErrorException) NewRoleBean(io.apiman.manager.api.beans.idm.NewRoleBean) UpdateRoleBean(io.apiman.manager.api.beans.idm.UpdateRoleBean) RoleBean(io.apiman.manager.api.beans.idm.RoleBean) StorageException(io.apiman.manager.api.core.exceptions.StorageException) Date(java.util.Date)

Example 13 with RoleBean

use of io.apiman.manager.api.beans.idm.RoleBean in project apiman by apiman.

the class RestHelper method hideSensitiveDataFromRoleBean.

/**
 * Returns a view of the role that is safe to hand to the current caller.
 *
 * <p>Admins receive the original bean unchanged. Everyone else receives a fresh bean carrying
 * the id, name, permissions, auto-grant flag and description; {@code createdBy} and
 * {@code createdOn} are copied only when the caller is the user who created the role.
 *
 * @param securityContext the security context of the current request
 * @param roleBean        the role as loaded from storage
 * @return {@code roleBean} itself for admins, otherwise a redacted copy
 */
public static RoleBean hideSensitiveDataFromRoleBean(ISecurityContext securityContext, RoleBean roleBean) {
    if (securityContext.isAdmin()) {
        return roleBean;
    }

    RoleBean redacted = new RoleBean();
    redacted.setId(roleBean.getId());
    redacted.setName(roleBean.getName());
    // The permissions object is passed by reference, not copied, so the redacted bean and the
    // original share it.
    redacted.setPermissions(roleBean.getPermissions());
    redacted.setAutoGrant(roleBean.getAutoGrant());
    redacted.setDescription(roleBean.getDescription());

    // Creator metadata is disclosed only to the creator.
    // NOTE(review): assumes getCurrentUser() is non-null here; a null would raise a
    // NullPointerException rather than disclose anything.
    String viewer = securityContext.getCurrentUser();
    String creator = roleBean.getCreatedBy();
    if (viewer.equals(creator)) {
        redacted.setCreatedBy(creator);
        redacted.setCreatedOn(roleBean.getCreatedOn());
    }
    return redacted;
}
Also used : RoleBean(io.apiman.manager.api.beans.idm.RoleBean)

Example 14 with RoleBean

use of io.apiman.manager.api.beans.idm.RoleBean in project apiman by apiman.

the class OrganizationService method createOrg.

/**
 * Creates an organization and grants its creator membership in every auto-granted role.
 *
 * <p>The name is validated first. Roles flagged {@code autoGrant} are then looked up; when the
 * system property {@code apiman.manager.require-auto-granted-org} is {@code "true"} (its
 * default) and no such role exists, creation is refused. The organization, its audit entry and
 * the memberships are written inside {@code tryAction}.
 *
 * @param bean the requested organization (name and description)
 * @return the stored organization
 * @throws OrganizationAlreadyExistsException if an organization with the derived id exists
 * @throws InvalidNameException declared for name validation (validator not visible here)
 */
public OrganizationBean createOrg(NewOrganizationBean bean) throws OrganizationAlreadyExistsException, InvalidNameException {
    FieldValidator.validateName(bean.getName());

    // Only the first page of up to 100 auto-grant roles is requested; any beyond that would not
    // be granted to the creator.
    SearchCriteriaBean autoGrantCriteria = new SearchCriteriaBean();
    autoGrantCriteria.setPage(1);
    autoGrantCriteria.setPageSize(100);
    autoGrantCriteria.addFilter("autoGrant", "true", SearchCriteriaFilterOperator.bool_eq); //$NON-NLS-1$ //$NON-NLS-2$

    List<RoleBean> autoGrantedRoles;
    try {
        autoGrantedRoles = query.findRoles(autoGrantCriteria).getBeans();
    } catch (StorageException e) {
        throw new SystemErrorException(e);
    }

    // With the requirement switched off, an organization can be created whose creator receives
    // no role membership at all.
    if ("true".equals(System.getProperty("apiman.manager.require-auto-granted-org", "true")) //$NON-NLS-1$ //$NON-NLS-2$ //$NON-NLS-3$
            && autoGrantedRoles.isEmpty()) {
        throw new SystemErrorException(Messages.i18n.format("OrganizationResourceImpl.NoAutoGrantRoleAvailable")); //$NON-NLS-1$
    }

    return tryAction(() -> {
        // Creator and modifier always come from the security context, never from the request.
        OrganizationBean created = new OrganizationBean();
        created.setName(bean.getName());
        created.setDescription(bean.getDescription());
        created.setId(BeanUtils.idFromName(bean.getName()));
        created.setCreatedOn(new Date());
        created.setCreatedBy(securityContext.getCurrentUser());
        created.setModifiedOn(new Date());
        created.setModifiedBy(securityContext.getCurrentUser());

        // NOTE(review): lookup-then-create; whether tryAction makes the pair atomic is not
        // visible from this method.
        if (storage.getOrganization(created.getId()) != null) {
            throw ExceptionFactory.organizationAlreadyExistsException(bean.getName());
        }
        storage.createOrganization(created);
        storage.createAuditEntry(AuditUtils.organizationCreated(created, securityContext));

        // One membership per auto-granted role, scoped to the new organization.
        for (RoleBean granted : autoGrantedRoles) {
            RoleMembershipBean grant =
                    RoleMembershipBean.create(securityContext.getCurrentUser(), granted.getId(), created.getId());
            grant.setCreatedOn(new Date());
            storage.createMembership(grant);
        }

        LOGGER.debug(String.format("Created organization %s: %s", created.getName(), created)); //$NON-NLS-1$
        return created;
    });
}
Also used : SystemErrorException(io.apiman.manager.api.rest.exceptions.SystemErrorException) RoleMembershipBean(io.apiman.manager.api.beans.idm.RoleMembershipBean) SearchCriteriaBean(io.apiman.manager.api.beans.search.SearchCriteriaBean) RoleBean(io.apiman.manager.api.beans.idm.RoleBean) MemberRoleBean(io.apiman.manager.api.beans.members.MemberRoleBean) UpdateOrganizationBean(io.apiman.manager.api.beans.orgs.UpdateOrganizationBean) OrganizationBean(io.apiman.manager.api.beans.orgs.OrganizationBean) NewOrganizationBean(io.apiman.manager.api.beans.orgs.NewOrganizationBean) StorageException(io.apiman.manager.api.core.exceptions.StorageException) Date(java.util.Date)

Example 15 with RoleBean

use of io.apiman.manager.api.beans.idm.RoleBean in project apiman by apiman.

the class EsStorage method getPermissions.

/**
 * Resolves the effective permissions of a user from the stored role memberships.
 *
 * <p>Memberships are fetched with a term query on {@code userId}; for each hit the referenced
 * role is loaded and every permission of that role is emitted, qualified by the membership's
 * organization id. A membership whose role cannot be loaded contributes nothing.
 *
 * @param userId the user whose permissions are requested
 * @return the permissions, one entry per (permission, organization) pair added to the set
 * @throws StorageException wrapping any exception raised while querying or mapping
 * @see io.apiman.manager.api.core.IStorageQuery#getPermissions(java.lang.String)
 */
@Override
public Set<PermissionBean> getPermissions(String userId) throws StorageException {
    try {
        // The user id is passed as a term value, not spliced into a query string.
        @SuppressWarnings("nls") QueryBuilder byUser = QueryBuilders.termQuery("userId", userId);
        // The request asks for at most 500 memberships.
        // NOTE(review): confirm whether listEntities pages beyond this; if not, memberships past
        // the limit would be missing from the result.
        SearchSourceBuilder search = new SearchSourceBuilder().query(byUser).size(500);
        List<SearchHit> memberships = listEntities(INDEX_MANAGER_POSTFIX_ROLE_MEMBERSHIP, search); //$NON-NLS-1$

        Set<PermissionBean> permissions = new HashSet<>(memberships.size());
        for (SearchHit membership : memberships) {
            Map<String, Object> fields = membership.getSourceAsMap();
            // String.valueOf turns a missing field into the literal string "null".
            String roleId = String.valueOf(fields.get("roleId")); //$NON-NLS-1$
            String organizationId = String.valueOf(fields.get("organizationId")); //$NON-NLS-1$

            RoleBean role = getRole(roleId);
            if (role == null) {
                // Membership points at a role that could not be loaded: it grants nothing.
                continue;
            }
            for (PermissionType type : role.getPermissions()) {
                PermissionBean granted = new PermissionBean();
                granted.setName(type);
                granted.setOrganizationId(organizationId);
                permissions.add(granted);
            }
        }
        return permissions;
    } catch (Exception e) {
        throw new StorageException(e);
    }
}
Also used : SearchHit(org.elasticsearch.search.SearchHit) PermissionType(io.apiman.manager.api.beans.idm.PermissionType) RoleBean(io.apiman.manager.api.beans.idm.RoleBean) TermsQueryBuilder(org.elasticsearch.index.query.TermsQueryBuilder) QueryBuilder(org.elasticsearch.index.query.QueryBuilder) BoolQueryBuilder(org.elasticsearch.index.query.BoolQueryBuilder) IOException(java.io.IOException) StorageException(io.apiman.manager.api.core.exceptions.StorageException) SearchSourceBuilder(org.elasticsearch.search.builder.SearchSourceBuilder) PermissionBean(io.apiman.manager.api.beans.idm.PermissionBean) StorageException(io.apiman.manager.api.core.exceptions.StorageException) HashSet(java.util.HashSet)

Aggregations

RoleBean (io.apiman.manager.api.beans.idm.RoleBean)18 StorageException (io.apiman.manager.api.core.exceptions.StorageException)13 SystemErrorException (io.apiman.manager.api.rest.exceptions.SystemErrorException)9 NewRoleBean (io.apiman.manager.api.beans.idm.NewRoleBean)5 RoleMembershipBean (io.apiman.manager.api.beans.idm.RoleMembershipBean)5 UpdateRoleBean (io.apiman.manager.api.beans.idm.UpdateRoleBean)5 ArrayList (java.util.ArrayList)5 MemberRoleBean (io.apiman.manager.api.beans.members.MemberRoleBean)4 SearchCriteriaBean (io.apiman.manager.api.beans.search.SearchCriteriaBean)4 PermissionType (io.apiman.manager.api.beans.idm.PermissionType)3 UserBean (io.apiman.manager.api.beans.idm.UserBean)3 OrganizationBean (io.apiman.manager.api.beans.orgs.OrganizationBean)3 PermissionBean (io.apiman.manager.api.beans.idm.PermissionBean)2 IOException (java.io.IOException)2 Date (java.util.Date)2 HashSet (java.util.HashSet)2 EntityManager (javax.persistence.EntityManager)2 CriteriaBuilder (com.blazebit.persistence.CriteriaBuilder)1 DeleteCriteriaBuilder (com.blazebit.persistence.DeleteCriteriaBuilder)1 ApimanLoggerFactory (io.apiman.common.logging.ApimanLoggerFactory)1